Qualys Introduces First Network Vulnerability Assessment Platform for Managed Security and Consulting Organizations

San Francisco, CA — April 10, 2001 — Qualys, Inc., a leading provider of enterprise network vulnerability assessment and monitoring solutions, today unveiled the first web-hosted, global vulnerability scanning platform for Managed Security Providers (MSPs) and other security professionals looking to provide proactive network security auditing services. The announcement was made at the RSA Security Conference in San Francisco.

“The Qualys platform extends the value of what managed security experts bring to their clientele, which is enabling companies to focus on their core businesses instead of worrying about security issues,” Charles Kolodgy, Research Manager at International Data Corporation (IDC). “A particularly strong point for Qualys is that when a company outsources its network scanning via the Qualys platform, the vulnerability reports are encrypted and are visible only to the end-customer, so there is no dilution of trust.”

Qualys enables businesses to continuously audit their networks via the Internet to detect security vulnerabilities and assess risks. The company has now extended its platform to provide the only global scanning infrastructure that enables MSPs to quickly build online vulnerability assessment and monitoring services into their security offerings. The new-generation platform includes (1) a distributed global architecture on which to base scalable scanning services, (2) an open application programming interface (API) for rapid integration, and (3) a significant expansion of audit capabilities including scanning of custom applications for Internet security holes.

Services leveraging the Qualys platform enable customers to benefit from an intruder’s eye view’ of their network security exposures. Qualys-based services quickly and accurately locate vulnerabilities across any sized network (inside and outside of firewalls), assess their severity, and provide real-time alerts and suggested fixes in an easily understood graphical format. There is nothing for users to deploy or learn, and they can scan granularly to discover only those things they need to discover at a given time-such as application-level vulnerabilities, or who’s downloading MP3 files onto corporate PCs.

Already embraced by such leading security service providers as eSecurityOnline, Global Integrity and Ubizen, the new-generation Qualys platform is the only platform to support “modular scanning.” This capability, based on Qualys’ multithreaded inference engine, accelerates the speed of scans as well as MSPs’ time to market. Unlike traditional scanning engines, the inference engine does not require a logic tree. Instead it deduces which scans to trigger. The end results of having such a slim, stable and Internet bandwidth-friendly engine include the ability to perform more tests in less time, perform closely focused scans, and rapidly build highly targeted scanning modules to meet particular end user needs.

“The implementation of the Qualys scanning engine into eSO Scan gives us the opportunity to scan networks against our knowledgebase of over 3,000 vulnerabilities-limited previously to 700 or 800 vulnerabilities with other scanning tools,” said Robin Hutchinson, CEO for eSecurityOnline LLC, an Ernst & Young LLP Company. “The Qualys platform clears the way for branded and unique security services to proactively scan and assess worldwide networks remotely, via the Internet.”

“Network security is not a product nor a service-it is a process,” said Philippe Courtot, chairman and CEO of Qualys. “By delivering a global scanning infrastructure and providing security professionals the means to leverage that infrastructure through value added services, Qualys will greatly enhance the security process and help transform the way network security is managed.”

Pricing and Availability

The Qualys platform is live and fully functional now. QualysGuard subscriptions start at $1,995 per IP per year for one IP address. Volume discounts apply to MSPs. Prices for traveling licenses for security consultants start at $15,000 per consultant (unlimited IP addresses, unlimited customers, 6 scans per IP address per year).

About Qualys

With more than 2,000 subscribers ranging from small businesses to multinational corporations, Qualys has become the leader in on demand vulnerability management and policy compliance. The company allows security managers to strengthen the security of their networks effectively, conduct automated security audits and ensure compliance with internal policies and external regulations. Qualys’ on demand technology offers customers significant economic advantages, requiring no capital outlay or infrastructure to deploy and manage. Its distributed scanning capabilities and unprecedented scalability make it ideal for large, distributed organisations. Hundreds of large companies have deployed Qualys on a global scale, including AXA, DuPont, Hershey Foods, ICI Ltd, Novartis, Sodexho, Standard Chartered Bank and many others. Qualys is headquartered in Redwood City, California, with European offices in France, Germany and the U.K., and Asian representatives in Japan, Singapore, Australia, Korea and the Republic of China. For more information, please visit www.qualys.com.

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Media Contact:
Tami Casey
Qualys
media@qualys.com